[New-bugs-announce] [issue23855] Missing Sanity Check for malloc() in PC/_msi.c

Bill Parker report at bugs.python.org
Fri Apr 3 00:11:43 CEST 2015

New submission from Bill Parker:

Hello All,

   In reviewing code in Python-3.4.3/PC/_msi.c, I found a call to malloc() at line 326 in function 'static PyObject* msierror(int status)' in which the call is made and assigned to variable 'res', but no check for NULL, indicating failure, is made afterwards.  The patch below corrects this issue:

--- _msi.c.orig 2015-04-02 15:01:02.882326352 -0700
+++ _msi.c      2015-04-02 15:02:43.382099357 -0700
@@ -324,6 +324,10 @@
     code = MsiRecordGetInteger(err, 1); /* XXX code */
     if (MsiFormatRecord(0, err, res, &size) == ERROR_MORE_DATA) {
         res = malloc(size+1);
+       if (res == NULL) /* malloc() failed, out of memory... */
+           PyErr_SetString(MSIError, "out of memory");
+           return NULL;
+       }
         MsiFormatRecord(0, err, res, &size);
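
Review bot: the added `if (res == NULL)` line has no opening `{`, but a closing `}` is added three lines below it. As written, only the PyErr_SetString() call is conditional, `return NULL;` runs on every pass through this branch, and the new `}` closes the enclosing `if (MsiFormatRecord(...) == ERROR_MORE_DATA)` block early, leaving the second MsiFormatRecord() call outside it. Add the brace (`if (res == NULL) {`). For the error itself, `return PyErr_NoMemory();` is the usual CPython idiom for a failed allocation: it sets MemoryError and returns NULL, so it would replace both the PyErr_SetString() and return lines. The added lines also appear to be indented differently from the surrounding context (likely tabs against spaces); match the file's existing indentation.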

components: Windows
files: _msi.c.patch
keywords: patch
messages: 239948
nosy: dogbert2, steve.dower, tim.golden, zach.ware
priority: normal
severity: normal
status: open
title: Missing Sanity Check for malloc() in PC/_msi.c
type: behavior
versions: Python 3.4
Added file: http://bugs.python.org/file38811/_msi.c.patch

Python tracker <report at bugs.python.org>
